Added special handling for root

megoth · megoth · commit 84e856c335da · 2019-01-30T00:32:30.000+01:00
To not break old PODs that have a root ACL that doesn't give READ access to root - will check for the ACL for the representation that is served back for root

Hopefully making things a bit easier to read

Added comment about the hack
diff --git a/lib/handlers/allow.js b/lib/handlers/allow.js
@@ -54,6 +54,8 @@ function allow (mode, checkPermissionsForDirectory) {
       return next()
     }
     if (mode === 'Read' && (resourcePath === '' || resourcePath === '/')) {
+      // This is a hack to make NSS check the ACL for representation that is served for root (if any)
+      // See https://github.com/solid/node-solid-server/issues/1063 for more info
       const representationUrl = await ldp.resourceMapper.getRepresentationUrlForResource(resourceUrl)
       req.acl = ACL.createFromLDPAndRequest(representationUrl, ldp, req)
       const representationIsAllowed = await req.acl.can(userId, mode)

Original file line number	Diff line number	Diff line change
`@@ -54,6 +54,8 @@ function allow (mode, checkPermissionsForDirectory) {`
`54`	`54`	`return next()`
`55`	`55`	`}`
`56`	`56`	`if (mode === 'Read' && (resourcePath === '' \|\| resourcePath === '/')) {`
	`57`	`+ // This is a hack to make NSS check the ACL for representation that is served for root (if any)`
	`58`	`+ // See https://github.com/solid/node-solid-server/issues/1063 for more info`
`57`	`59`	`const representationUrl = await ldp.resourceMapper.getRepresentationUrlForResource(resourceUrl)`
`58`	`60`	`req.acl = ACL.createFromLDPAndRequest(representationUrl, ldp, req)`
`59`	`61`	`const representationIsAllowed = await req.acl.can(userId, mode)`